[-=:< Phrack Loopback >:=-]
By Phrack Staff
Phrack Loopback is a forum for you, the reader, to ask questions, air
problems, and talk about what ever topic you would like to discuss. This is
also the place Phrack Staff will make suggestions to you by reviewing various
items of note; magazines, software, catalogs, hardware, etc.
______________________________________________________________________________
Review of 2600 Magazine Autumn 1991
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
PO Box 752 Individual Subscription Rates:
Middle Island, NY 11953 US : 4 issues (1 year) $21.00
InterNet: 2600@well.sf.ca.us OS : 4 issues (1 year) $30.00
Phone: 516-751-2600 Corporate / Business Rates:
Fax: 516-751-2608 : 4 issues (1 year) $50.00
By Dispater
2600 Magazine has been published since 1984 by Emmanuel Goldstein. "The
Hacker Quarterly" runs just shy of 50 pages and is printed with nice glossy
covers to make a 5.5"x8.25" magazine. In 2600 you will find the usual articles
about hacking and phreaking, as well as a few surprises. 2600 often covers
topics that do not necessarily pertain to hacking or phreaking, but are quite
useful. There is also a "letters to the editor" section and even a place for
people to buy/sell goodies.
This particular issue contains an article on Simplex locks and how easy it
is to open them. Included are pictures of opened Federal Express mail boxes
that use Simplex locks. The next most interesting thing I found was an
article on those strange little lines on business letters. "Postal Hacking"
will not necessarily tell you how to mail letters for free, but will tell you
how you can speed up the process of delivery for free. Then there was the the
"Protecting Your Social Security Number" article that was recently printed in
Phrack Inc Issue 35.
There was also an article about the video tape of the Dutch hackers
breaking into the military systems. 2600 even offers to sell the videotape
that was partially played on the evil Geraldo Show [dick]. There was also a
good article written about psychology in the hacker world. The somewhat
Freudian analysis of the female security agent fearing "mounting" (of her hard
drive), "penetration" (of her system), "infection" (from viri), and "has a
headache" (due to hackers) was insiteful as well as very funny. Moving on to
the other parts of 2600, you can find scattered tidbits of misc information
(ie: lists of COCOTs, NUAs, ANIs, small useful programs, and interesting
business/government forms they get from readers, etc)
Finally, this is the part that everyone complains about, the price. But,
2600 has a great deal for those poor college hacker out there. If you submit
something to 2600 Magazine that is printed, you get a free subscription. That
sounds fair to me! Maybe we should try the same thing with Phrack?
All in all 2600 Magazine is a GREAT publication and is highly recommended.
_______________________________________________________________________________
What's On Your Mind?
~~~~~~~~~~~~~~~~~~~~
:: Some People Never Get The Hint ::
Recently Phrack Inc. received a subscription request from an individual
who played a key role in Operation Sun-Devil. You may know him from bulletin
boards where he often used names like "The Dictator" or "Blind Faith." We know
him as Dale Drew. Who would imagine that he would dare to ask us for a
subscription? I personally couldn't believe it.
Just in case you forgot or have been living in a hole for the past two
years, Dale Drew was a paid United States Service informant who secretly
enabled government agents to videotape SummerCon '88 in St. Louis, Missouri.
The following is an example of a Dale Drew/The Dictator/Blind Faith
posting on a bulletin board. He claims to be a cosysop on Lutzifer as well as
some other nonsense.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ZDDDDD Packet Switching Networks/PSNs DDDD September 27, 1991 at 8:52 pm DDDDD?
3 Left by Blind Faith (Level 40)Title: Telenet (No Replies)3
3 > CoSys on Lutz (Tymnet) Dispater writes:
>
> I think the joke issue of Phrack (36) will contain a top 10 list of stupid
> things the SS likes to take.
I am consulting with the defense for an up coming trial and had the opportunity
to examine the "evidence" seized in the defendant's home. Notable items: model
rocket launcher, local area street maps, about a dozen 2500-style telephones, a
typewriter, pre-recorded audio cassettes. An interesting item was left behind:
a TSPS console.
One wonders what (if anything) goes through the minds of the officers executing
the warrant.
John
_______________________________________________________________________________
:: Fed Proof Your BBS, NOT! ::
I'm sure many of you have seen text files on making your BBS more secure.
One such file floating around is by Babbs Boy of Midnight Society. One of the
members of our Phrack Staff showed this document to EFF's Mike Godwin, who is
an attorney. He had the following comments:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
From: Mike Godwin
To: Phrack Inc.
(In regards to some of the files about how to "fed-proof" your bbs:)
> Let's start with the log on screen: If FEDZ want anything from your board,
> they are required to provide 100% accurate information.
This is false. Ask the legislators who've been convicted in "sting"
operations. In fact, so far as I can tell in a brief run-through of this
document, absolute no part of the so-called "legal" advice is true.
Law enforcement agents who misrepresent their identities (e.g., "undercover
agents") produce admissible evidence all the time.
--Mike
_______________________________________________________________________________
:: Diet Phrack is Good For You ::
From: Gordon Meyer
To: Dispater
Subject: Phrack #36
Thanks for sending over Diet Phrack! It looks like some of the old energy has
finally been renewed. I especially liked the introduction, there is intensity,
pride, and humor sprinkled thru out. Reminds me a lot of some of the "old"
PHRACK issues. Neat!
Later,
Gordon R. Meyer
_______________________________________________________________________________
:: Anonymous Mail ::
From: Creeping Death
> Hi guys. I was wondering if you could tell me how to send anonymous
> mail. I heard that you could but no one here at my university seems to have
> a clue. Please help me out
>
There are many ways to do this. One way is to use the method described
below. However, keep in mind there are other ways of doing this.
Dispater
- - - - - - - - - - - - - - - - - - - - - - - - - - -
Anonymous Mail via SMTP Using A Simple Shell Script
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: The Artful Dodger
This file is for those people who like/want to send anonymous mail via the
net but don't like the hassle of raw SMTP commands. So, I wrote a simple shell
script to take care of this. This program is quite simple but I will give a
brief explanation anyway.
There are two ways to run this program. Just type the name you save it as
or the name you save it as plus the person you want to mail. Either way you
will eventually get to the From: prompt. If you just hit return at this prompt
it will assign your userid@your hostname. Otherwise you can type whatever you
feel like.
Next you will get the prompt asking you which host you wish to use for
SMTP. If you are using the host you are on, just hit return as this is the
default. Otherwise enter any host that allows telnet to port 25. Then you get
to pick which editor you wish to use for mailing. It defaults to vi but you
can use whatever you like. Basically, that is all there is interactively.
After you enter this information, the program creates a file called tmpamail1.
To this file it appends four lines of data. The first line is 'helo amail' as
some host's SMTP port will not accept commands until one introduces themself to
the host. The next line is 'mail from: ' and who the mail is from or who it is
supposedly from. The third line contains 'rcpt to: ' and who the mail is going
to. And the last line is simply the word 'data'.
Now, these commands could all be entered manually but why bother when you
have a program to do it for you. Ok, now the program invokes your editor and
creates a file called tmpamail2. After you are done making the message and you
exit the editor, it asks you if you want to send this message. I believe that
is pretty much self explanatory. Then the program appends a '.' and a 'quit'
to tmpamail2. Then it appends tmpamail2 to tmpamail1 so you have one file
containing all the necessary header info to send a message via SMTP and quit
>from SMTP. Then the program sends all this to port 25 of the host that was
specified. And if all goes well, the person should have some mail waiting for
them. And one last thing. The program deletes both tmpamail files after it is
finished. Well, I hope you all enjoy this little script as it makes sending
anonymous mail a little easier.
The Artful Dodger
===============================================================================
#! /bin/csh -fB
### This is a simple shell script for easy use of anonymous mail. To run the
### program just save it and delete everything up until the #! /bin/csh -fB
### line. Then just type the name you save it as or the name and whoever
### you will be mailing. e.g. amail bill@some.university.edu or just amail.
###
### The Artful Dodger
if ($1 != "") then
set mto=$1
else
echo 'To: '
set mto=$<
endif
echo -n 'From: '
set mfrom=$<
echo -n 'Use which host for smtp (return for '`hostname`') ? '
set usehost=$<
echo -n 'Use which editor (return for vi)? '
set editor=$<
if($editor =="") then
set editor=vi
endif
if ($mfrom == "") then
set mfrom=`whoami`'@'`hostname`
endif
echo 'helo amail' >> tmpamail1
echo 'mail from: '$mfrom >> tmpamail1
echo 'rcpt to: '$mto >> tmpamail1
echo 'data' >> tmpamail1
$editor tmpamail2
clear
echo -n 'Are you sure you want to send this? '
set yorn=$<
if($yorn == 'y') then
echo . >> tmpamail2
echo quit >> tmpamail2
cat tmpamail2 >> tmpamail1
telnet $usehost 25 < tmpamail1 > /dev/null
echo 'Mail has been sent to: '$mto
echo ' From: '$mfrom
endif
rm tmpamail1 tmpamail2